Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/keycloak@12.0.0-1
Typealpm
Namespacearchlinux
Namekeycloak
Version12.0.0-1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version12.0.3-1
Latest_non_vulnerable_version16.0.0-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-rssz-yqj9-b7h8
vulnerability_id VCID-rssz-yqj9-b7h8
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the url path to the file path. Only few specific folder hierarchies can be exposed by this flaw
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14366.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14366.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14366
reference_id
reference_type
scores
0
value 0.00384
scoring_system epss
scoring_elements 0.59699
published_at 2026-04-21T12:55:00Z
1
value 0.00384
scoring_system epss
scoring_elements 0.5969
published_at 2026-04-09T12:55:00Z
2
value 0.00384
scoring_system epss
scoring_elements 0.5971
published_at 2026-04-11T12:55:00Z
3
value 0.00384
scoring_system epss
scoring_elements 0.59693
published_at 2026-04-12T12:55:00Z
4
value 0.00384
scoring_system epss
scoring_elements 0.59674
published_at 2026-04-13T12:55:00Z
5
value 0.00384
scoring_system epss
scoring_elements 0.59707
published_at 2026-04-16T12:55:00Z
6
value 0.00384
scoring_system epss
scoring_elements 0.59715
published_at 2026-04-18T12:55:00Z
7
value 0.00384
scoring_system epss
scoring_elements 0.59557
published_at 2026-04-01T12:55:00Z
8
value 0.00384
scoring_system epss
scoring_elements 0.59631
published_at 2026-04-02T12:55:00Z
9
value 0.00384
scoring_system epss
scoring_elements 0.59656
published_at 2026-04-04T12:55:00Z
10
value 0.00384
scoring_system epss
scoring_elements 0.59625
published_at 2026-04-07T12:55:00Z
11
value 0.00384
scoring_system epss
scoring_elements 0.59676
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14366
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14366
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14366
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1869764
reference_id 1869764
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1869764
4
reference_url https://security.archlinux.org/AVG-1471
reference_id AVG-1471
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1471
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14366
reference_id CVE-2020-14366
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14366
6
reference_url https://github.com/advisories/GHSA-cp67-8w3w-6h9c
reference_id GHSA-cp67-8w3w-6h9c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cp67-8w3w-6h9c
7
reference_url https://access.redhat.com/errata/RHSA-2020:4931
reference_id RHSA-2020:4931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4931
fixed_packages
0
url pkg:alpm/archlinux/keycloak@12.0.0-1
purl pkg:alpm/archlinux/keycloak@12.0.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@12.0.0-1
aliases CVE-2020-14366, GHSA-cp67-8w3w-6h9c
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rssz-yqj9-b7h8
1
url VCID-t22n-hvrb-67b5
vulnerability_id VCID-t22n-hvrb-67b5
summary 
Authentication Bypass in keycloak
A flaw was found in Keycloak before version 12.0.0 where it is possible to update the user's metadata attributes using Account REST API. This flaw allows an attacker to change its own NameID attribute to impersonate the admin user for any particular application.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27826.json
1
reference_url https://access.redhat.com/security/cve/cve-2020-27826
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/cve-2020-27826
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27826
reference_id
reference_type
scores
0
value 0.00166
scoring_system epss
scoring_elements 0.37638
published_at 2026-04-13T12:55:00Z
1
value 0.00166
scoring_system epss
scoring_elements 0.37605
published_at 2026-04-21T12:55:00Z
2
value 0.00166
scoring_system epss
scoring_elements 0.37673
published_at 2026-04-08T12:55:00Z
3
value 0.00166
scoring_system epss
scoring_elements 0.37687
published_at 2026-04-09T12:55:00Z
4
value 0.00166
scoring_system epss
scoring_elements 0.377
published_at 2026-04-11T12:55:00Z
5
value 0.00166
scoring_system epss
scoring_elements 0.37666
published_at 2026-04-12T12:55:00Z
6
value 0.00166
scoring_system epss
scoring_elements 0.37685
published_at 2026-04-16T12:55:00Z
7
value 0.00166
scoring_system epss
scoring_elements 0.37538
published_at 2026-04-01T12:55:00Z
8
value 0.00166
scoring_system epss
scoring_elements 0.37668
published_at 2026-04-18T12:55:00Z
9
value 0.00166
scoring_system epss
scoring_elements 0.37719
published_at 2026-04-02T12:55:00Z
10
value 0.00166
scoring_system epss
scoring_elements 0.37744
published_at 2026-04-04T12:55:00Z
11
value 0.00166
scoring_system epss
scoring_elements 0.37622
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27826
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1905089
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1905089
4
reference_url https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keycloak/keycloak/commit/dae4a3eaf26590b8d441b8e4bec3b700ee303b72
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-27826
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-27826
6
reference_url https://security.archlinux.org/AVG-1373
reference_id AVG-1373
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1373
7
reference_url https://github.com/advisories/GHSA-m9cj-v55f-8x26
reference_id GHSA-m9cj-v55f-8x26
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9cj-v55f-8x26
8
reference_url https://access.redhat.com/errata/RHSA-2020:5526
reference_id RHSA-2020:5526
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5526
9
reference_url https://access.redhat.com/errata/RHSA-2020:5527
reference_id RHSA-2020:5527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5527
10
reference_url https://access.redhat.com/errata/RHSA-2020:5528
reference_id RHSA-2020:5528
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5528
11
reference_url https://access.redhat.com/errata/RHSA-2020:5533
reference_id RHSA-2020:5533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5533
fixed_packages
0
url pkg:alpm/archlinux/keycloak@12.0.0-1
purl pkg:alpm/archlinux/keycloak@12.0.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@12.0.0-1
aliases CVE-2020-27826, GHSA-m9cj-v55f-8x26
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t22n-hvrb-67b5
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/keycloak@12.0.0-1